Posted by Onapsis Research Labs on Feb 25

Onapsis Security Advisory ONAPSIS-2015-004: SAP Business Objects
Unauthorized Audit Information Delete via CORBA

1. Impact on Business
=====================

By exploiting this vulnerability a remote unauthenticated attacker would be
able to delete auditing information of the remote system.

This way, the attacker could perform malicious activities without being
detected.

Risk Level: High

2. Advisory Information
=======================

-…